@aws-solutions-constructs/aws-cloudfront-oai-s3 2.79.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (108) hide show
  1. package/.jsii +4403 -0
  2. package/README.md +109 -0
  3. package/architecture.png +0 -0
  4. package/integ.config.json +7 -0
  5. package/lib/index.d.ts +118 -0
  6. package/lib/index.js +106 -0
  7. package/package.json +95 -0
  8. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.d.ts +13 -0
  9. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js +56 -0
  10. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  11. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cdk.out +1 -0
  12. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.assets.json +32 -0
  13. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.template.json +1061 -0
  14. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert105E804F.assets.json +19 -0
  15. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/cftoais3bucketencryptedwithmanagedkeyprovidedasexistingbucketIntegDefaultTestDeployAssert105E804F.template.json +36 -0
  16. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/integ.json +12 -0
  17. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/manifest.json +215 -0
  18. package/test/integ.cftoais3-bucket-encrypted-with-managed-key-provided-as-existingbucket.js.snapshot/tree.json +1105 -0
  19. package/test/integ.cftoais3-custom-headers.d.ts +13 -0
  20. package/test/integ.cftoais3-custom-headers.js +71 -0
  21. package/test/integ.cftoais3-custom-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  22. package/test/integ.cftoais3-custom-headers.js.snapshot/cdk.out +1 -0
  23. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3-custom-headers.assets.json +32 -0
  24. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3-custom-headers.template.json +1116 -0
  25. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3customheadersIntegDefaultTestDeployAssert5AA11BA9.assets.json +19 -0
  26. package/test/integ.cftoais3-custom-headers.js.snapshot/cftoais3customheadersIntegDefaultTestDeployAssert5AA11BA9.template.json +36 -0
  27. package/test/integ.cftoais3-custom-headers.js.snapshot/integ.json +12 -0
  28. package/test/integ.cftoais3-custom-headers.js.snapshot/manifest.json +227 -0
  29. package/test/integ.cftoais3-custom-headers.js.snapshot/tree.json +1196 -0
  30. package/test/integ.cftoais3-custom-originPath.d.ts +13 -0
  31. package/test/integ.cftoais3-custom-originPath.js +48 -0
  32. package/test/integ.cftoais3-custom-originPath.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  33. package/test/integ.cftoais3-custom-originPath.js.snapshot/cdk.out +1 -0
  34. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3-custom-originPath.assets.json +32 -0
  35. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3-custom-originPath.template.json +1085 -0
  36. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3customoriginPathIntegDefaultTestDeployAssert1C351914.assets.json +19 -0
  37. package/test/integ.cftoais3-custom-originPath.js.snapshot/cftoais3customoriginPathIntegDefaultTestDeployAssert1C351914.template.json +36 -0
  38. package/test/integ.cftoais3-custom-originPath.js.snapshot/integ.json +12 -0
  39. package/test/integ.cftoais3-custom-originPath.js.snapshot/manifest.json +221 -0
  40. package/test/integ.cftoais3-custom-originPath.js.snapshot/tree.json +1147 -0
  41. package/test/integ.cftoais3-customLoggingBuckets.d.ts +13 -0
  42. package/test/integ.cftoais3-customLoggingBuckets.js +64 -0
  43. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  44. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cdk.out +1 -0
  45. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3-customLoggingBuckets.assets.json +32 -0
  46. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3-customLoggingBuckets.template.json +1109 -0
  47. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3customLoggingBucketsIntegDefaultTestDeployAssert8F33EF2A.assets.json +19 -0
  48. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/cftoais3customLoggingBucketsIntegDefaultTestDeployAssert8F33EF2A.template.json +36 -0
  49. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/integ.json +12 -0
  50. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/manifest.json +221 -0
  51. package/test/integ.cftoais3-customLoggingBuckets.js.snapshot/tree.json +1172 -0
  52. package/test/integ.cftoais3-existing-bucket.d.ts +13 -0
  53. package/test/integ.cftoais3-existing-bucket.js +59 -0
  54. package/test/integ.cftoais3-existing-bucket.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  55. package/test/integ.cftoais3-existing-bucket.js.snapshot/cdk.out +1 -0
  56. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3-existing-bucket.assets.json +32 -0
  57. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3-existing-bucket.template.json +1131 -0
  58. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3existingbucketIntegDefaultTestDeployAssertB7627F26.assets.json +19 -0
  59. package/test/integ.cftoais3-existing-bucket.js.snapshot/cftoais3existingbucketIntegDefaultTestDeployAssertB7627F26.template.json +36 -0
  60. package/test/integ.cftoais3-existing-bucket.js.snapshot/integ.json +12 -0
  61. package/test/integ.cftoais3-existing-bucket.js.snapshot/manifest.json +233 -0
  62. package/test/integ.cftoais3-existing-bucket.js.snapshot/tree.json +1240 -0
  63. package/test/integ.cftoais3-no-arguments.d.ts +13 -0
  64. package/test/integ.cftoais3-no-arguments.js +53 -0
  65. package/test/integ.cftoais3-no-arguments.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  66. package/test/integ.cftoais3-no-arguments.js.snapshot/cdk.out +1 -0
  67. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3-no-arguments.assets.json +32 -0
  68. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3-no-arguments.template.json +1094 -0
  69. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3noargumentsIntegDefaultTestDeployAssert5CF03E3D.assets.json +19 -0
  70. package/test/integ.cftoais3-no-arguments.js.snapshot/cftoais3noargumentsIntegDefaultTestDeployAssert5CF03E3D.template.json +36 -0
  71. package/test/integ.cftoais3-no-arguments.js.snapshot/integ.json +12 -0
  72. package/test/integ.cftoais3-no-arguments.js.snapshot/manifest.json +356 -0
  73. package/test/integ.cftoais3-no-arguments.js.snapshot/tree.json +1146 -0
  74. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.d.ts +13 -0
  75. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js +60 -0
  76. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  77. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cdk.out +1 -0
  78. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3-no-cloudfront-s3-access-logs.assets.json +32 -0
  79. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3-no-cloudfront-s3-access-logs.template.json +743 -0
  80. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.assets.json +19 -0
  81. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/cftoais3nocloudfronts3accesslogsIntegDefaultTestDeployAssert6D810275.template.json +36 -0
  82. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/integ.json +12 -0
  83. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/manifest.json +185 -0
  84. package/test/integ.cftoais3-no-cloudfront-s3-access-logs.js.snapshot/tree.json +726 -0
  85. package/test/integ.cftoais3-no-logging.d.ts +13 -0
  86. package/test/integ.cftoais3-no-logging.js +56 -0
  87. package/test/integ.cftoais3-no-logging.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  88. package/test/integ.cftoais3-no-logging.js.snapshot/cdk.out +1 -0
  89. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3-no-logging.assets.json +32 -0
  90. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3-no-logging.template.json +576 -0
  91. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3nologgingIntegDefaultTestDeployAssertCED06EE4.assets.json +19 -0
  92. package/test/integ.cftoais3-no-logging.js.snapshot/cftoais3nologgingIntegDefaultTestDeployAssertCED06EE4.template.json +36 -0
  93. package/test/integ.cftoais3-no-logging.js.snapshot/integ.json +12 -0
  94. package/test/integ.cftoais3-no-logging.js.snapshot/manifest.json +167 -0
  95. package/test/integ.cftoais3-no-logging.js.snapshot/tree.json +542 -0
  96. package/test/integ.cftoais3-no-security-headers.d.ts +13 -0
  97. package/test/integ.cftoais3-no-security-headers.js +50 -0
  98. package/test/integ.cftoais3-no-security-headers.js.snapshot/asset.faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6/index.js +1 -0
  99. package/test/integ.cftoais3-no-security-headers.js.snapshot/cdk.out +1 -0
  100. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3-no-security-headers.assets.json +32 -0
  101. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3-no-security-headers.template.json +1061 -0
  102. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3nosecurityheadersIntegDefaultTestDeployAssertAB4B2F28.assets.json +19 -0
  103. package/test/integ.cftoais3-no-security-headers.js.snapshot/cftoais3nosecurityheadersIntegDefaultTestDeployAssertAB4B2F28.template.json +36 -0
  104. package/test/integ.cftoais3-no-security-headers.js.snapshot/integ.json +12 -0
  105. package/test/integ.cftoais3-no-security-headers.js.snapshot/manifest.json +215 -0
  106. package/test/integ.cftoais3-no-security-headers.js.snapshot/tree.json +1105 -0
  107. package/test/test.cloudfront-oai-s3.test.d.ts +13 -0
  108. package/test/test.cloudfront-oai-s3.test.js +702 -0
@@ -0,0 +1,1085 @@
1
+ {
2
+ "Description": "Integration Test for originPath with aws-cloudfront-oai-s3",
3
+ "Resources": {
4
+ "testcloudfrontoais3S3LoggingBucketC8A21DD9": {
5
+ "Type": "AWS::S3::Bucket",
6
+ "Properties": {
7
+ "BucketEncryption": {
8
+ "ServerSideEncryptionConfiguration": [
9
+ {
10
+ "ServerSideEncryptionByDefault": {
11
+ "SSEAlgorithm": "AES256"
12
+ }
13
+ }
14
+ ]
15
+ },
16
+ "PublicAccessBlockConfiguration": {
17
+ "BlockPublicAcls": true,
18
+ "BlockPublicPolicy": true,
19
+ "IgnorePublicAcls": true,
20
+ "RestrictPublicBuckets": true
21
+ },
22
+ "Tags": [
23
+ {
24
+ "Key": "aws-cdk:auto-delete-objects",
25
+ "Value": "true"
26
+ }
27
+ ],
28
+ "VersioningConfiguration": {
29
+ "Status": "Enabled"
30
+ }
31
+ },
32
+ "UpdateReplacePolicy": "Delete",
33
+ "DeletionPolicy": "Delete",
34
+ "Metadata": {
35
+ "cfn_nag": {
36
+ "rules_to_suppress": [
37
+ {
38
+ "id": "W35",
39
+ "reason": "This S3 bucket is used as the access logging bucket for another bucket"
40
+ }
41
+ ]
42
+ }
43
+ }
44
+ },
45
+ "testcloudfrontoais3S3LoggingBucketPolicy792609D7": {
46
+ "Type": "AWS::S3::BucketPolicy",
47
+ "Properties": {
48
+ "Bucket": {
49
+ "Ref": "testcloudfrontoais3S3LoggingBucketC8A21DD9"
50
+ },
51
+ "PolicyDocument": {
52
+ "Statement": [
53
+ {
54
+ "Action": "s3:*",
55
+ "Condition": {
56
+ "Bool": {
57
+ "aws:SecureTransport": "false"
58
+ }
59
+ },
60
+ "Effect": "Deny",
61
+ "Principal": {
62
+ "AWS": "*"
63
+ },
64
+ "Resource": [
65
+ {
66
+ "Fn::GetAtt": [
67
+ "testcloudfrontoais3S3LoggingBucketC8A21DD9",
68
+ "Arn"
69
+ ]
70
+ },
71
+ {
72
+ "Fn::Join": [
73
+ "",
74
+ [
75
+ {
76
+ "Fn::GetAtt": [
77
+ "testcloudfrontoais3S3LoggingBucketC8A21DD9",
78
+ "Arn"
79
+ ]
80
+ },
81
+ "/*"
82
+ ]
83
+ ]
84
+ }
85
+ ]
86
+ },
87
+ {
88
+ "Action": [
89
+ "s3:DeleteObject*",
90
+ "s3:GetBucket*",
91
+ "s3:List*",
92
+ "s3:PutBucketPolicy"
93
+ ],
94
+ "Effect": "Allow",
95
+ "Principal": {
96
+ "AWS": {
97
+ "Fn::GetAtt": [
98
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
99
+ "Arn"
100
+ ]
101
+ }
102
+ },
103
+ "Resource": [
104
+ {
105
+ "Fn::GetAtt": [
106
+ "testcloudfrontoais3S3LoggingBucketC8A21DD9",
107
+ "Arn"
108
+ ]
109
+ },
110
+ {
111
+ "Fn::Join": [
112
+ "",
113
+ [
114
+ {
115
+ "Fn::GetAtt": [
116
+ "testcloudfrontoais3S3LoggingBucketC8A21DD9",
117
+ "Arn"
118
+ ]
119
+ },
120
+ "/*"
121
+ ]
122
+ ]
123
+ }
124
+ ]
125
+ },
126
+ {
127
+ "Action": "s3:PutObject",
128
+ "Condition": {
129
+ "ArnLike": {
130
+ "aws:SourceArn": {
131
+ "Fn::GetAtt": [
132
+ "testcloudfrontoais3S3Bucket578AB9F3",
133
+ "Arn"
134
+ ]
135
+ }
136
+ },
137
+ "StringEquals": {
138
+ "aws:SourceAccount": {
139
+ "Ref": "AWS::AccountId"
140
+ }
141
+ }
142
+ },
143
+ "Effect": "Allow",
144
+ "Principal": {
145
+ "Service": "logging.s3.amazonaws.com"
146
+ },
147
+ "Resource": {
148
+ "Fn::Join": [
149
+ "",
150
+ [
151
+ {
152
+ "Fn::GetAtt": [
153
+ "testcloudfrontoais3S3LoggingBucketC8A21DD9",
154
+ "Arn"
155
+ ]
156
+ },
157
+ "/*"
158
+ ]
159
+ ]
160
+ }
161
+ }
162
+ ],
163
+ "Version": "2012-10-17"
164
+ }
165
+ }
166
+ },
167
+ "testcloudfrontoais3S3LoggingBucketAutoDeleteObjectsCustomResource24F8B1EE": {
168
+ "Type": "Custom::S3AutoDeleteObjects",
169
+ "Properties": {
170
+ "ServiceToken": {
171
+ "Fn::GetAtt": [
172
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
173
+ "Arn"
174
+ ]
175
+ },
176
+ "BucketName": {
177
+ "Ref": "testcloudfrontoais3S3LoggingBucketC8A21DD9"
178
+ }
179
+ },
180
+ "DependsOn": [
181
+ "testcloudfrontoais3S3LoggingBucketPolicy792609D7"
182
+ ],
183
+ "UpdateReplacePolicy": "Delete",
184
+ "DeletionPolicy": "Delete"
185
+ },
186
+ "testcloudfrontoais3S3Bucket578AB9F3": {
187
+ "Type": "AWS::S3::Bucket",
188
+ "Properties": {
189
+ "BucketEncryption": {
190
+ "ServerSideEncryptionConfiguration": [
191
+ {
192
+ "ServerSideEncryptionByDefault": {
193
+ "SSEAlgorithm": "AES256"
194
+ }
195
+ }
196
+ ]
197
+ },
198
+ "LifecycleConfiguration": {
199
+ "Rules": [
200
+ {
201
+ "NoncurrentVersionTransitions": [
202
+ {
203
+ "StorageClass": "GLACIER",
204
+ "TransitionInDays": 90
205
+ }
206
+ ],
207
+ "Status": "Enabled"
208
+ }
209
+ ]
210
+ },
211
+ "LoggingConfiguration": {
212
+ "DestinationBucketName": {
213
+ "Ref": "testcloudfrontoais3S3LoggingBucketC8A21DD9"
214
+ }
215
+ },
216
+ "PublicAccessBlockConfiguration": {
217
+ "BlockPublicAcls": true,
218
+ "BlockPublicPolicy": true,
219
+ "IgnorePublicAcls": true,
220
+ "RestrictPublicBuckets": true
221
+ },
222
+ "Tags": [
223
+ {
224
+ "Key": "aws-cdk:auto-delete-objects",
225
+ "Value": "true"
226
+ }
227
+ ],
228
+ "VersioningConfiguration": {
229
+ "Status": "Enabled"
230
+ }
231
+ },
232
+ "UpdateReplacePolicy": "Delete",
233
+ "DeletionPolicy": "Delete"
234
+ },
235
+ "testcloudfrontoais3S3BucketPolicyD2322CC3": {
236
+ "Type": "AWS::S3::BucketPolicy",
237
+ "Properties": {
238
+ "Bucket": {
239
+ "Ref": "testcloudfrontoais3S3Bucket578AB9F3"
240
+ },
241
+ "PolicyDocument": {
242
+ "Statement": [
243
+ {
244
+ "Action": "s3:*",
245
+ "Condition": {
246
+ "Bool": {
247
+ "aws:SecureTransport": "false"
248
+ }
249
+ },
250
+ "Effect": "Deny",
251
+ "Principal": {
252
+ "AWS": "*"
253
+ },
254
+ "Resource": [
255
+ {
256
+ "Fn::GetAtt": [
257
+ "testcloudfrontoais3S3Bucket578AB9F3",
258
+ "Arn"
259
+ ]
260
+ },
261
+ {
262
+ "Fn::Join": [
263
+ "",
264
+ [
265
+ {
266
+ "Fn::GetAtt": [
267
+ "testcloudfrontoais3S3Bucket578AB9F3",
268
+ "Arn"
269
+ ]
270
+ },
271
+ "/*"
272
+ ]
273
+ ]
274
+ }
275
+ ]
276
+ },
277
+ {
278
+ "Action": [
279
+ "s3:DeleteObject*",
280
+ "s3:GetBucket*",
281
+ "s3:List*",
282
+ "s3:PutBucketPolicy"
283
+ ],
284
+ "Effect": "Allow",
285
+ "Principal": {
286
+ "AWS": {
287
+ "Fn::GetAtt": [
288
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
289
+ "Arn"
290
+ ]
291
+ }
292
+ },
293
+ "Resource": [
294
+ {
295
+ "Fn::GetAtt": [
296
+ "testcloudfrontoais3S3Bucket578AB9F3",
297
+ "Arn"
298
+ ]
299
+ },
300
+ {
301
+ "Fn::Join": [
302
+ "",
303
+ [
304
+ {
305
+ "Fn::GetAtt": [
306
+ "testcloudfrontoais3S3Bucket578AB9F3",
307
+ "Arn"
308
+ ]
309
+ },
310
+ "/*"
311
+ ]
312
+ ]
313
+ }
314
+ ]
315
+ },
316
+ {
317
+ "Action": "s3:GetObject",
318
+ "Effect": "Allow",
319
+ "Principal": {
320
+ "CanonicalUser": {
321
+ "Fn::GetAtt": [
322
+ "testcloudfrontoais3CloudFrontDistributionOrigin1S3OriginF57A3CB1",
323
+ "S3CanonicalUserId"
324
+ ]
325
+ }
326
+ },
327
+ "Resource": {
328
+ "Fn::Join": [
329
+ "",
330
+ [
331
+ {
332
+ "Fn::GetAtt": [
333
+ "testcloudfrontoais3S3Bucket578AB9F3",
334
+ "Arn"
335
+ ]
336
+ },
337
+ "/*"
338
+ ]
339
+ ]
340
+ }
341
+ },
342
+ {
343
+ "Action": "s3:GetObject",
344
+ "Condition": {
345
+ "StringEquals": {
346
+ "AWS:SourceArn": {
347
+ "Fn::Join": [
348
+ "",
349
+ [
350
+ "arn:",
351
+ {
352
+ "Ref": "AWS::Partition"
353
+ },
354
+ ":cloudfront::",
355
+ {
356
+ "Ref": "AWS::AccountId"
357
+ },
358
+ ":distribution/",
359
+ {
360
+ "Ref": "testcloudfrontoais3CloudFrontDistribution0E089CC5"
361
+ }
362
+ ]
363
+ ]
364
+ }
365
+ }
366
+ },
367
+ "Effect": "Allow",
368
+ "Principal": {
369
+ "Service": "cloudfront.amazonaws.com"
370
+ },
371
+ "Resource": {
372
+ "Fn::Join": [
373
+ "",
374
+ [
375
+ {
376
+ "Fn::GetAtt": [
377
+ "testcloudfrontoais3S3Bucket578AB9F3",
378
+ "Arn"
379
+ ]
380
+ },
381
+ "/*"
382
+ ]
383
+ ]
384
+ }
385
+ }
386
+ ],
387
+ "Version": "2012-10-17"
388
+ }
389
+ },
390
+ "Metadata": {
391
+ "cfn_nag": {
392
+ "rules_to_suppress": [
393
+ {
394
+ "id": "F16",
395
+ "reason": "Public website bucket policy requires a wildcard principal"
396
+ }
397
+ ]
398
+ }
399
+ }
400
+ },
401
+ "testcloudfrontoais3S3BucketAutoDeleteObjectsCustomResourceA2545EE1": {
402
+ "Type": "Custom::S3AutoDeleteObjects",
403
+ "Properties": {
404
+ "ServiceToken": {
405
+ "Fn::GetAtt": [
406
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
407
+ "Arn"
408
+ ]
409
+ },
410
+ "BucketName": {
411
+ "Ref": "testcloudfrontoais3S3Bucket578AB9F3"
412
+ }
413
+ },
414
+ "DependsOn": [
415
+ "testcloudfrontoais3S3BucketPolicyD2322CC3"
416
+ ],
417
+ "UpdateReplacePolicy": "Delete",
418
+ "DeletionPolicy": "Delete"
419
+ },
420
+ "testcloudfrontoais3SetHttpSecurityHeaders4EB3C97B": {
421
+ "Type": "AWS::CloudFront::Function",
422
+ "Properties": {
423
+ "AutoPublish": true,
424
+ "FunctionCode": "function handler(event) { var response = event.response; var headers = response.headers; headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubdomains; preload'}; headers['content-security-policy'] = { value: \"default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'\"}; headers['x-content-type-options'] = { value: 'nosniff'}; headers['x-frame-options'] = {value: 'DENY'}; headers['x-xss-protection'] = {value: '1; mode=block'}; return response; }",
425
+ "FunctionConfig": {
426
+ "Comment": "SetHttpSecurityHeadersc8c4768161107b774d766be266f3e09baacad971c8",
427
+ "Runtime": "cloudfront-js-1.0"
428
+ },
429
+ "Name": "SetHttpSecurityHeadersc8c4768161107b774d766be266f3e09baacad971c8"
430
+ }
431
+ },
432
+ "testcloudfrontoais3CloudfrontLoggingBucketAccessLogBF5AAF80": {
433
+ "Type": "AWS::S3::Bucket",
434
+ "Properties": {
435
+ "BucketEncryption": {
436
+ "ServerSideEncryptionConfiguration": [
437
+ {
438
+ "ServerSideEncryptionByDefault": {
439
+ "SSEAlgorithm": "AES256"
440
+ }
441
+ }
442
+ ]
443
+ },
444
+ "PublicAccessBlockConfiguration": {
445
+ "BlockPublicAcls": true,
446
+ "BlockPublicPolicy": true,
447
+ "IgnorePublicAcls": true,
448
+ "RestrictPublicBuckets": true
449
+ },
450
+ "Tags": [
451
+ {
452
+ "Key": "aws-cdk:auto-delete-objects",
453
+ "Value": "true"
454
+ }
455
+ ],
456
+ "VersioningConfiguration": {
457
+ "Status": "Enabled"
458
+ }
459
+ },
460
+ "UpdateReplacePolicy": "Delete",
461
+ "DeletionPolicy": "Delete",
462
+ "Metadata": {
463
+ "cfn_nag": {
464
+ "rules_to_suppress": [
465
+ {
466
+ "id": "W35",
467
+ "reason": "This S3 bucket is used as the access logging bucket for another bucket"
468
+ }
469
+ ]
470
+ }
471
+ }
472
+ },
473
+ "testcloudfrontoais3CloudfrontLoggingBucketAccessLogPolicy0C078528": {
474
+ "Type": "AWS::S3::BucketPolicy",
475
+ "Properties": {
476
+ "Bucket": {
477
+ "Ref": "testcloudfrontoais3CloudfrontLoggingBucketAccessLogBF5AAF80"
478
+ },
479
+ "PolicyDocument": {
480
+ "Statement": [
481
+ {
482
+ "Action": "s3:*",
483
+ "Condition": {
484
+ "Bool": {
485
+ "aws:SecureTransport": "false"
486
+ }
487
+ },
488
+ "Effect": "Deny",
489
+ "Principal": {
490
+ "AWS": "*"
491
+ },
492
+ "Resource": [
493
+ {
494
+ "Fn::GetAtt": [
495
+ "testcloudfrontoais3CloudfrontLoggingBucketAccessLogBF5AAF80",
496
+ "Arn"
497
+ ]
498
+ },
499
+ {
500
+ "Fn::Join": [
501
+ "",
502
+ [
503
+ {
504
+ "Fn::GetAtt": [
505
+ "testcloudfrontoais3CloudfrontLoggingBucketAccessLogBF5AAF80",
506
+ "Arn"
507
+ ]
508
+ },
509
+ "/*"
510
+ ]
511
+ ]
512
+ }
513
+ ]
514
+ },
515
+ {
516
+ "Action": [
517
+ "s3:DeleteObject*",
518
+ "s3:GetBucket*",
519
+ "s3:List*",
520
+ "s3:PutBucketPolicy"
521
+ ],
522
+ "Effect": "Allow",
523
+ "Principal": {
524
+ "AWS": {
525
+ "Fn::GetAtt": [
526
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
527
+ "Arn"
528
+ ]
529
+ }
530
+ },
531
+ "Resource": [
532
+ {
533
+ "Fn::GetAtt": [
534
+ "testcloudfrontoais3CloudfrontLoggingBucketAccessLogBF5AAF80",
535
+ "Arn"
536
+ ]
537
+ },
538
+ {
539
+ "Fn::Join": [
540
+ "",
541
+ [
542
+ {
543
+ "Fn::GetAtt": [
544
+ "testcloudfrontoais3CloudfrontLoggingBucketAccessLogBF5AAF80",
545
+ "Arn"
546
+ ]
547
+ },
548
+ "/*"
549
+ ]
550
+ ]
551
+ }
552
+ ]
553
+ },
554
+ {
555
+ "Action": "s3:PutObject",
556
+ "Condition": {
557
+ "ArnLike": {
558
+ "aws:SourceArn": {
559
+ "Fn::GetAtt": [
560
+ "testcloudfrontoais3CloudfrontLoggingBucket55AA79FC",
561
+ "Arn"
562
+ ]
563
+ }
564
+ },
565
+ "StringEquals": {
566
+ "aws:SourceAccount": {
567
+ "Ref": "AWS::AccountId"
568
+ }
569
+ }
570
+ },
571
+ "Effect": "Allow",
572
+ "Principal": {
573
+ "Service": "logging.s3.amazonaws.com"
574
+ },
575
+ "Resource": {
576
+ "Fn::Join": [
577
+ "",
578
+ [
579
+ {
580
+ "Fn::GetAtt": [
581
+ "testcloudfrontoais3CloudfrontLoggingBucketAccessLogBF5AAF80",
582
+ "Arn"
583
+ ]
584
+ },
585
+ "/*"
586
+ ]
587
+ ]
588
+ }
589
+ }
590
+ ],
591
+ "Version": "2012-10-17"
592
+ }
593
+ }
594
+ },
595
+ "testcloudfrontoais3CloudfrontLoggingBucketAccessLogAutoDeleteObjectsCustomResource00DB3AC8": {
596
+ "Type": "Custom::S3AutoDeleteObjects",
597
+ "Properties": {
598
+ "ServiceToken": {
599
+ "Fn::GetAtt": [
600
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
601
+ "Arn"
602
+ ]
603
+ },
604
+ "BucketName": {
605
+ "Ref": "testcloudfrontoais3CloudfrontLoggingBucketAccessLogBF5AAF80"
606
+ }
607
+ },
608
+ "DependsOn": [
609
+ "testcloudfrontoais3CloudfrontLoggingBucketAccessLogPolicy0C078528"
610
+ ],
611
+ "UpdateReplacePolicy": "Delete",
612
+ "DeletionPolicy": "Delete"
613
+ },
614
+ "testcloudfrontoais3CloudfrontLoggingBucket55AA79FC": {
615
+ "Type": "AWS::S3::Bucket",
616
+ "Properties": {
617
+ "AccessControl": "LogDeliveryWrite",
618
+ "BucketEncryption": {
619
+ "ServerSideEncryptionConfiguration": [
620
+ {
621
+ "ServerSideEncryptionByDefault": {
622
+ "SSEAlgorithm": "AES256"
623
+ }
624
+ }
625
+ ]
626
+ },
627
+ "LoggingConfiguration": {
628
+ "DestinationBucketName": {
629
+ "Ref": "testcloudfrontoais3CloudfrontLoggingBucketAccessLogBF5AAF80"
630
+ }
631
+ },
632
+ "OwnershipControls": {
633
+ "Rules": [
634
+ {
635
+ "ObjectOwnership": "ObjectWriter"
636
+ }
637
+ ]
638
+ },
639
+ "PublicAccessBlockConfiguration": {
640
+ "BlockPublicAcls": true,
641
+ "BlockPublicPolicy": true,
642
+ "IgnorePublicAcls": true,
643
+ "RestrictPublicBuckets": true
644
+ },
645
+ "Tags": [
646
+ {
647
+ "Key": "aws-cdk:auto-delete-objects",
648
+ "Value": "true"
649
+ }
650
+ ],
651
+ "VersioningConfiguration": {
652
+ "Status": "Enabled"
653
+ }
654
+ },
655
+ "UpdateReplacePolicy": "Delete",
656
+ "DeletionPolicy": "Delete"
657
+ },
658
+ "testcloudfrontoais3CloudfrontLoggingBucketPolicy2130EE92": {
659
+ "Type": "AWS::S3::BucketPolicy",
660
+ "Properties": {
661
+ "Bucket": {
662
+ "Ref": "testcloudfrontoais3CloudfrontLoggingBucket55AA79FC"
663
+ },
664
+ "PolicyDocument": {
665
+ "Statement": [
666
+ {
667
+ "Action": "s3:*",
668
+ "Condition": {
669
+ "Bool": {
670
+ "aws:SecureTransport": "false"
671
+ }
672
+ },
673
+ "Effect": "Deny",
674
+ "Principal": {
675
+ "AWS": "*"
676
+ },
677
+ "Resource": [
678
+ {
679
+ "Fn::GetAtt": [
680
+ "testcloudfrontoais3CloudfrontLoggingBucket55AA79FC",
681
+ "Arn"
682
+ ]
683
+ },
684
+ {
685
+ "Fn::Join": [
686
+ "",
687
+ [
688
+ {
689
+ "Fn::GetAtt": [
690
+ "testcloudfrontoais3CloudfrontLoggingBucket55AA79FC",
691
+ "Arn"
692
+ ]
693
+ },
694
+ "/*"
695
+ ]
696
+ ]
697
+ }
698
+ ]
699
+ },
700
+ {
701
+ "Action": [
702
+ "s3:DeleteObject*",
703
+ "s3:GetBucket*",
704
+ "s3:List*",
705
+ "s3:PutBucketPolicy"
706
+ ],
707
+ "Effect": "Allow",
708
+ "Principal": {
709
+ "AWS": {
710
+ "Fn::GetAtt": [
711
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
712
+ "Arn"
713
+ ]
714
+ }
715
+ },
716
+ "Resource": [
717
+ {
718
+ "Fn::GetAtt": [
719
+ "testcloudfrontoais3CloudfrontLoggingBucket55AA79FC",
720
+ "Arn"
721
+ ]
722
+ },
723
+ {
724
+ "Fn::Join": [
725
+ "",
726
+ [
727
+ {
728
+ "Fn::GetAtt": [
729
+ "testcloudfrontoais3CloudfrontLoggingBucket55AA79FC",
730
+ "Arn"
731
+ ]
732
+ },
733
+ "/*"
734
+ ]
735
+ ]
736
+ }
737
+ ]
738
+ }
739
+ ],
740
+ "Version": "2012-10-17"
741
+ }
742
+ }
743
+ },
744
+ "testcloudfrontoais3CloudfrontLoggingBucketAutoDeleteObjectsCustomResourceE88BD625": {
745
+ "Type": "Custom::S3AutoDeleteObjects",
746
+ "Properties": {
747
+ "ServiceToken": {
748
+ "Fn::GetAtt": [
749
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F",
750
+ "Arn"
751
+ ]
752
+ },
753
+ "BucketName": {
754
+ "Ref": "testcloudfrontoais3CloudfrontLoggingBucket55AA79FC"
755
+ }
756
+ },
757
+ "DependsOn": [
758
+ "testcloudfrontoais3CloudfrontLoggingBucketPolicy2130EE92"
759
+ ],
760
+ "UpdateReplacePolicy": "Delete",
761
+ "DeletionPolicy": "Delete"
762
+ },
763
+ "testcloudfrontoais3CloudFrontDistributionOrigin1S3OriginF57A3CB1": {
764
+ "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity",
765
+ "Properties": {
766
+ "CloudFrontOriginAccessIdentityConfig": {
767
+ "Comment": "Identity for cftoais3customoriginPathtestcloudfrontoais3CloudFrontDistributionOrigin11DBC1949"
768
+ }
769
+ }
770
+ },
771
+ "testcloudfrontoais3CloudFrontDistribution0E089CC5": {
772
+ "Type": "AWS::CloudFront::Distribution",
773
+ "Properties": {
774
+ "DistributionConfig": {
775
+ "DefaultCacheBehavior": {
776
+ "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6",
777
+ "Compress": true,
778
+ "FunctionAssociations": [
779
+ {
780
+ "EventType": "viewer-response",
781
+ "FunctionARN": {
782
+ "Fn::GetAtt": [
783
+ "testcloudfrontoais3SetHttpSecurityHeaders4EB3C97B",
784
+ "FunctionARN"
785
+ ]
786
+ }
787
+ }
788
+ ],
789
+ "TargetOriginId": "cftoais3customoriginPathtestcloudfrontoais3CloudFrontDistributionOrigin11DBC1949",
790
+ "ViewerProtocolPolicy": "redirect-to-https"
791
+ },
792
+ "DefaultRootObject": "index.html",
793
+ "Enabled": true,
794
+ "HttpVersion": "http2",
795
+ "IPV6Enabled": true,
796
+ "Logging": {
797
+ "Bucket": {
798
+ "Fn::GetAtt": [
799
+ "testcloudfrontoais3CloudfrontLoggingBucket55AA79FC",
800
+ "RegionalDomainName"
801
+ ]
802
+ }
803
+ },
804
+ "Origins": [
805
+ {
806
+ "DomainName": {
807
+ "Fn::GetAtt": [
808
+ "testcloudfrontoais3S3Bucket578AB9F3",
809
+ "RegionalDomainName"
810
+ ]
811
+ },
812
+ "Id": "cftoais3customoriginPathtestcloudfrontoais3CloudFrontDistributionOrigin11DBC1949",
813
+ "OriginPath": "/testPath",
814
+ "S3OriginConfig": {
815
+ "OriginAccessIdentity": {
816
+ "Fn::Join": [
817
+ "",
818
+ [
819
+ "origin-access-identity/cloudfront/",
820
+ {
821
+ "Ref": "testcloudfrontoais3CloudFrontDistributionOrigin1S3OriginF57A3CB1"
822
+ }
823
+ ]
824
+ ]
825
+ }
826
+ }
827
+ }
828
+ ]
829
+ }
830
+ },
831
+ "Metadata": {
832
+ "cfn_nag": {
833
+ "rules_to_suppress": [
834
+ {
835
+ "id": "W70",
836
+ "reason": "Since the distribution uses the CloudFront domain name, CloudFront automatically sets the security policy to TLSv1 regardless of the value of MinimumProtocolVersion"
837
+ }
838
+ ]
839
+ }
840
+ }
841
+ },
842
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092": {
843
+ "Type": "AWS::IAM::Role",
844
+ "Properties": {
845
+ "AssumeRolePolicyDocument": {
846
+ "Version": "2012-10-17",
847
+ "Statement": [
848
+ {
849
+ "Action": "sts:AssumeRole",
850
+ "Effect": "Allow",
851
+ "Principal": {
852
+ "Service": "lambda.amazonaws.com"
853
+ }
854
+ }
855
+ ]
856
+ },
857
+ "ManagedPolicyArns": [
858
+ {
859
+ "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
860
+ }
861
+ ]
862
+ }
863
+ },
864
+ "CustomS3AutoDeleteObjectsCustomResourceProviderHandler9D90184F": {
865
+ "Type": "AWS::Lambda::Function",
866
+ "Properties": {
867
+ "Code": {
868
+ "S3Bucket": {
869
+ "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
870
+ },
871
+ "S3Key": "faa95a81ae7d7373f3e1f242268f904eb748d8d0fdd306e8a6fe515a1905a7d6.zip"
872
+ },
873
+ "Timeout": 900,
874
+ "MemorySize": 128,
875
+ "Handler": "index.handler",
876
+ "Role": {
877
+ "Fn::GetAtt": [
878
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092",
879
+ "Arn"
880
+ ]
881
+ },
882
+ "Runtime": {
883
+ "Fn::FindInMap": [
884
+ "LatestNodeRuntimeMap",
885
+ {
886
+ "Ref": "AWS::Region"
887
+ },
888
+ "value"
889
+ ]
890
+ },
891
+ "Description": {
892
+ "Fn::Join": [
893
+ "",
894
+ [
895
+ "Lambda function for auto-deleting objects in ",
896
+ {
897
+ "Ref": "testcloudfrontoais3S3LoggingBucketC8A21DD9"
898
+ },
899
+ " S3 bucket."
900
+ ]
901
+ ]
902
+ }
903
+ },
904
+ "DependsOn": [
905
+ "CustomS3AutoDeleteObjectsCustomResourceProviderRole3B1BD092"
906
+ ],
907
+ "Metadata": {
908
+ "cfn_nag": {
909
+ "rules_to_suppress": [
910
+ {
911
+ "id": "W58",
912
+ "reason": "CDK generated custom resource"
913
+ },
914
+ {
915
+ "id": "W89",
916
+ "reason": "CDK generated custom resource"
917
+ },
918
+ {
919
+ "id": "W92",
920
+ "reason": "CDK generated custom resource"
921
+ }
922
+ ]
923
+ }
924
+ }
925
+ }
926
+ },
927
+ "Mappings": {
928
+ "LatestNodeRuntimeMap": {
929
+ "af-south-1": {
930
+ "value": "nodejs20.x"
931
+ },
932
+ "ap-east-1": {
933
+ "value": "nodejs20.x"
934
+ },
935
+ "ap-northeast-1": {
936
+ "value": "nodejs20.x"
937
+ },
938
+ "ap-northeast-2": {
939
+ "value": "nodejs20.x"
940
+ },
941
+ "ap-northeast-3": {
942
+ "value": "nodejs20.x"
943
+ },
944
+ "ap-south-1": {
945
+ "value": "nodejs20.x"
946
+ },
947
+ "ap-south-2": {
948
+ "value": "nodejs20.x"
949
+ },
950
+ "ap-southeast-1": {
951
+ "value": "nodejs20.x"
952
+ },
953
+ "ap-southeast-2": {
954
+ "value": "nodejs20.x"
955
+ },
956
+ "ap-southeast-3": {
957
+ "value": "nodejs20.x"
958
+ },
959
+ "ap-southeast-4": {
960
+ "value": "nodejs20.x"
961
+ },
962
+ "ap-southeast-5": {
963
+ "value": "nodejs20.x"
964
+ },
965
+ "ap-southeast-7": {
966
+ "value": "nodejs20.x"
967
+ },
968
+ "ca-central-1": {
969
+ "value": "nodejs20.x"
970
+ },
971
+ "ca-west-1": {
972
+ "value": "nodejs20.x"
973
+ },
974
+ "cn-north-1": {
975
+ "value": "nodejs18.x"
976
+ },
977
+ "cn-northwest-1": {
978
+ "value": "nodejs18.x"
979
+ },
980
+ "eu-central-1": {
981
+ "value": "nodejs20.x"
982
+ },
983
+ "eu-central-2": {
984
+ "value": "nodejs20.x"
985
+ },
986
+ "eu-isoe-west-1": {
987
+ "value": "nodejs18.x"
988
+ },
989
+ "eu-north-1": {
990
+ "value": "nodejs20.x"
991
+ },
992
+ "eu-south-1": {
993
+ "value": "nodejs20.x"
994
+ },
995
+ "eu-south-2": {
996
+ "value": "nodejs20.x"
997
+ },
998
+ "eu-west-1": {
999
+ "value": "nodejs20.x"
1000
+ },
1001
+ "eu-west-2": {
1002
+ "value": "nodejs20.x"
1003
+ },
1004
+ "eu-west-3": {
1005
+ "value": "nodejs20.x"
1006
+ },
1007
+ "il-central-1": {
1008
+ "value": "nodejs20.x"
1009
+ },
1010
+ "me-central-1": {
1011
+ "value": "nodejs20.x"
1012
+ },
1013
+ "me-south-1": {
1014
+ "value": "nodejs20.x"
1015
+ },
1016
+ "mx-central-1": {
1017
+ "value": "nodejs20.x"
1018
+ },
1019
+ "sa-east-1": {
1020
+ "value": "nodejs20.x"
1021
+ },
1022
+ "us-east-1": {
1023
+ "value": "nodejs20.x"
1024
+ },
1025
+ "us-east-2": {
1026
+ "value": "nodejs20.x"
1027
+ },
1028
+ "us-gov-east-1": {
1029
+ "value": "nodejs18.x"
1030
+ },
1031
+ "us-gov-west-1": {
1032
+ "value": "nodejs18.x"
1033
+ },
1034
+ "us-iso-east-1": {
1035
+ "value": "nodejs18.x"
1036
+ },
1037
+ "us-iso-west-1": {
1038
+ "value": "nodejs18.x"
1039
+ },
1040
+ "us-isob-east-1": {
1041
+ "value": "nodejs18.x"
1042
+ },
1043
+ "us-west-1": {
1044
+ "value": "nodejs20.x"
1045
+ },
1046
+ "us-west-2": {
1047
+ "value": "nodejs20.x"
1048
+ }
1049
+ }
1050
+ },
1051
+ "Parameters": {
1052
+ "BootstrapVersion": {
1053
+ "Type": "AWS::SSM::Parameter::Value<String>",
1054
+ "Default": "/cdk-bootstrap/hnb659fds/version",
1055
+ "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
1056
+ }
1057
+ },
1058
+ "Rules": {
1059
+ "CheckBootstrapVersion": {
1060
+ "Assertions": [
1061
+ {
1062
+ "Assert": {
1063
+ "Fn::Not": [
1064
+ {
1065
+ "Fn::Contains": [
1066
+ [
1067
+ "1",
1068
+ "2",
1069
+ "3",
1070
+ "4",
1071
+ "5"
1072
+ ],
1073
+ {
1074
+ "Ref": "BootstrapVersion"
1075
+ }
1076
+ ]
1077
+ }
1078
+ ]
1079
+ },
1080
+ "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
1081
+ }
1082
+ ]
1083
+ }
1084
+ }
1085
+ }